JumpCloud Office Hours: Join our experts every Friday to talk shop. Register today

JumpCloud unaffected by the CloudFlare #cloudbleed breach



As many of you have learned today, a fairly large security vulnerability was exposed by one of the world’s largest content delivery networks (CDN), CloudFlare. Now known as the #cloudbleed vulnerability, CloudFlare has assembled an informational post about the incident which you can find here.

JumpCloud is unaffected by this newly reported vulnerability. We have also completed a scan of each business units services and their potential impact of #cloudbleed, and there were no direct risks exposed.

What can you do to evaluate your own risk of exposure?

  1. Visit this public Github project which is being communally updated to expose websites possibly affected by #cloudbleed
  2. Ensure you have a well maintained and curated inventory of your web services which you may leverage to ensure your key account passwords are rotated.
  3. Ensure multi-factor authentication (2FA or MFA) is set up for your accounts moving forward.

As always, feel free to send us any questions you may have regarding threats and vulnerabilities to our security team. We’ll be happy to answer any questions.


Recent Posts
Use the JumpCloud Windows App now for easy, native, and secure password management for employees on Windows OS.

Blog

Introducing the JumpCloud Windows App for Workflow Simplicity and Security

Use the JumpCloud Windows App now for easy, native, and secure password management for employees on Windows OS.

Find a single identity and access management solution that supports all the authentication protocols you need. Try JumpCloud free today.

Blog

Which Protocols Should Be Used for IAM?

Find a single identity and access management solution that supports all the authentication protocols you need. Try JumpCloud free today.

Read this blog to see why a domainless approach to identity management is the future of IT, and how you can implement it easily in your environment.

Blog

Breaking Down the Domainless Enterprise

Read this blog to see why a domainless approach to identity management is the future of IT, and how you can implement it easily in your environment.